The only real requirement of rational law is that of _informed_ consent.
If all parties involved are capable of informed consent, and give informed consent without duress or coercion, then the act should be legal.
Children cannot give informed consent, so child porn, and peadophilia are out. Dead things is tricky since the dead are _things_ and things are not expected to give consent. Prostitution and adultery are no-brainer legal. Beastiality is tricky since the beast cannot give informed consent but some people think animals are things, but since animals can suffer, accumulate experience, and "hold a grudge" then we must assume they deserve to be protected by consent.
Now the thing where we have made haivng "simulated child porn", involving no actual children, illegal is beyond stupid IMHO.
Incest (non-reproductive anyway) is only problematic in that family dynamics often constitute lifelong duress because the obligations and conditioning never go away.
Necrophilia is actually a property crime, oddly enough, though the law outlaws it outright because it is "ichy", which is a whole other kettle of law.
But these problems are, indeed, problems in our looming future. If we gene-tweak animals until they are intellegent enoug to give consent is it beastiality any more? How about if we make machines sentient, then are they still "things" that don't need to give consent? We have varying standards for the age of majority for different things in different places; consider voting, vs sex, vs drinking.
When it comes to morals and ethos, the fundimental problem is that outside a firmly agreed upon center, the only people who _should_ be alowed to do most things are the people who wouldn't actually do them.
Thing is, the people who want to stop other people from doing most things are typically the last people who should be allowed to judge.
I know for a fact that "the government" was not even listening to the country when it invented the UAS PATRIOT ACT.
I wrote my congresspeople and explicitly and simply asked them _NOT_ to pass ANY laws or regulations in response to 9/11.
I got back a form letter that said that "in response to my concerns" and the concerns of "likeminded americans" congress was working as fast as it could to assemble and pass legislation to (whatever and so-on).
In short, I got the form letter treatment "assuring me" that they were busy doing _exactly_ what I begged them not to do.
So when politicians invoke the public will as revealed by their correspondence, I tend to disbelieve. They don't read the mail, they sort it by category and subject matter, then _weigh_ it apparently. Then they decide that everybody is demanding whatever the letter on top says, ignoring any letter on top that doesn't match the political bias that the politician has already decided makes him look most re-electable.
It's all crap and it is out of control. Everybody is talking. Nobody is listening. and the game is, bought anyway.
[A:] Never accept form data via GET, always require POST.
I never understand why any web page, other than something like google search, will or wants to accept data that is part of the URL for any meaningful interraction.
Sure it's bookmark friendly but:
(1) GET contents are logged by default, and PIN-trap elligible in post-facto and blind ("fishing") legal actions, POST contents are not.
(2) GET is the verb used in things like IMG SRC="" requests, if all GET requests are incapable of incidental write operations then that whole category of cross-site-scripting attack is rendered moot.
(3) Because of item 1, the contents of your web server log(s) is, by default, promoted from a stream of tidbits to a first-tier security risk in need of secure archiving. [If you have followed good practices and separated your database machine and your web server onto separate platforms, for instance, then a compromize of your web server of the classic sort will net very little at all if all your logs say is "IP X.X.X.X GET http://site.tld/someform" and "IP X.X.X,X POST http://site.tld/somerequest". If action and identification information are passed around in your GET(s) then an attacker can learn that IP address A.B.C.D is the home of USER=Bob and so forth.]
Basically if people had _honored_ the designation of everything after the question mark ('?") as a _query_ _string_ in the HTTP specification, but not carried the SQL-burdened definition of "query" into the issue, a lot of web-pain could have been avoided.
Yea it might not be as bookmark friendly, but when is it ever smart to bookmark the POST of a filled-in form?
[B:] learn what a _real_ DMZ is (e.g. two routers with the public machines between them and the internet behind one end and the intranet behind the other, with very intense restrictions on what traffic can pass from the DMZ into and through the internet end and _both_ routers configured to _distrust_ _all_ connection attempts originating from the DMZ machines). Then implement this arrangement correctly. There are a bunch of rules for doing this right, and if you follow them your web service machine will be "stuck" in a deep warm hole of safety, in that what it can do will be greatly limited, which is at least as important as making sure that what can be done to it is limited. Most exploits require more than one path to the machine, for instance tricking the web server into "calling you back" with a telnet session or an FTP or SCP of bulk data. If the web server can only pass traffic from the one port (port 80 etc) off of the DMZ then even a successful compromize of the machine may be stopped from having any net effect.
[C:] Every machine in the DMZ is allowed to do exactly one thing. e.g. don't build a LAMP machine, build a LAP and a separate LM machine and place them very close together. This sort of separation can even be done with virtual machines. Just so long as the machines cannot peek at one another's storage etc.
This is not mainstream wisdom, but it is out there if you look for it. (e.g. I didn't make all this stuff up myself. 8-)
There are lots of things that are easy, but not always cheap, to do that could make the world much safer.
They just aren't in the five-days-to-your-web-presence quick-start guides to web servers.
So yes, if I _took_ those bits and bytes from you I would have engaged in theft. But you still have them, so I didn't take them. I copied them. This is a different thing. If words have any meaning in law (that hyperbole of course, the the specific meaning of words is the entire exercise of law) then copying cannot be theft.
See how take and copy are different?
So now, if your position is honest, we are in complete agreement. If I took from you it would be theft, but I copied from you so it was not.
As to your "identity theft" argument, in that case, the act of copying your vital details is not the crime, you give those away all the time. The acto of "stealing your identity" is the crime. In that case I would be taking "your good name" by using it to its detriment and leaving it damaged. i.e. by using your credit up, by selling off your hard-earned reputation to by 74 big-screen televisions and leaving you on the hook, I actually took something from you. You were factually deprived, and likely you will have to expend time to straighten things out and people will want to attach your money to regain their own because they think I was you.
If I "stole your identity" and did great works with it, enriching the poor and feeding the hungry, you probably woudn't consider it "identity theft" unless it maid your syndicate bosses suspect you weren't the criminial they needed.
See, in terms of trading on someone else's name, the definition of "to use up" is widely variable because the the inherent "loss" or "deprivation" is very subjective.
But "lost money" is very objective, so for my copying to in any way "deprive" you of your money, you needs _must_ be able to demonstrate that my act "used up" and therefor "deprived" you of money to claim monitary loss from theft. In the cases where some guy was selling bootlegs on the street, his gain is measurable loss maybe.
No such loss is in evidence when some 13 year old is watching a grainy hand-held-camera-in-a-theater version of random aneme flick over eDonkey.
(1) Consult a lawyer, you shouldn't take legal advice from slashdot that goes past "you shouldn't take legal advice from slashdot".
(2) Admit that you wrote this because of your job and that "now you should pay me extra for it" is a combination of pipe-dream and sour-grapes exacerbated by pride of creation. The project either came out better than you expected, or was chosen because you felt a real need for it and you _knew_ that it was never going to happen or be approved as "real work". This means that this was some sort of clever ploy on your part, deliberate or not, to drive the thin wedge of a chisel into your employer.
(3) If your program is that good, and it really is worth the extra green folding applause, open-source it on Source-forge or something. This way you can reap the glory of your code to get a programming job commensurate to your skills from another company instead of trying to wedge one into existence at your current employer.
(4) Never admit to future employers that you have any system administration skills. No matter what job you go to, they will invariably end up wanting you to administer some system beyond whatever you are hired to do. It's like having herpes, putting your self through college by stripping, or having "an earthy past"; you can never un-have it and your life is easiest if you can hide it from anybody not directly impacted by the shame of it all. It took me several years to wash the taint of "systems administrator" out of my resume and longer still to scrub the "never mind, I'll fix it" habits away. Programming job? fine, but do you mind if we call you any time day-or-night if we can't print and its "Really Important"?
The entire question and genesis of your "hobby" implementation smacks of passive aggressive maneuvering.
Then again, I have made several "hobby" implementations of things and then open-sourced them through my company's back door. [http://underdog.sourceforge.net being the latest of such, though it is stalled for at least another month.] Since I am not "a programmer" at my current job, and there are various impediments to the lateral movement of software in my company if "any project" paid for the development, spending some of my personal time to make my professional life better is time wisely spent.
See there is this thing, shat upon of late in our culture, called "enlightened self interest". That is where you do things that seem, short-term, to not be in your absolute best interest because the total gain is worth it.
If your project really was a hobby action, then you _already_ got the expected return. You have already paid yourself what it cost. Any further payment, be it cash from your company or recognition from them or others, should be pure profit.
The structure of your question, however, belies that tautology. You expect (future tense) to be rewarded with value for the effort expended. This expectation belies any claim of you having done the project for its own sake as a hobby. So to me, and probably to your boss, your question reads "I did all this work, related to my job but un-asked-for, and now I want some payback.
I dearly hope you get your boss to pay you for your work. You will deserve the horrible fruit that will actually bear. Trust me, it will be horrible fruit. If your boss decides to buy the software from you under separate terms, you will find yourself on the hook for free, as in utterly unpaid, support at all hours day-and-night. It won't come under the terms of your base employment, it won't count as overtime etc, and if you try to say "no" well, your boss controls your "actual job" too, so you have nowhere to walk and nobody to blame but yourself. Yes, I have seen this happen to others, and yes it has happened to me.
The two winning moves are:
(A) just drop it on the bosses desk and say "I did this out of pure frustration, do you want us to use it?".
(B) put it on source forge _then_ go back and drop it on your bosses desk and say "I did this out of pure frustration, do you
Imagine a BitTorrent DHT based DNS system. Anybody can add any record they want. There is a convenience layer where human readable DNS names work, but its insecure because anybody can add any record they want.
Real Business(TM) happens when PGP fingerprints or full public keys are used to retrieve the associated records. Each of those records would, of course, be signed with the key in question. Banks and Real Businesses(TM) would have QR code business cards and whatnot with the fingerprints, and people would be likely use bookmarks and home pages they way they were supposed to.
Finally, the smart money would be to actually use the key to encrypt the data/requests flowing towards the host, and have the first (or every) request contain the key the user wants to have used for the encrypted response(s).
Block or deep-packet-inspect that...
It is completely workable, the technology exists, it is "more secure" but, sadly, "more phisable" at the plain-text DNS names level.
Of course, DNS should have never been used as a warrant of identity anyway, it was designed as a phone book and phone numbers change hands, so the first-tier weakness is far exceeded by the value of the rest of the system.
I'd agree that copyright should exist, but in two halves instead of one. This is probably not practical but it would be the right thing...
(1) The right to control the commercial exploitation of the work should vest with the _author_ for life. In particular the right to charge for the work, the right to produce sequels, and generally the right to keep a commercial entity from reaping all the "follow on" rewards for free. The main reason I would want this is because I would like to be able to block, say Disney, from coming in and turning my gritty life lesson into pablum (see "The Little Mermaid" etc) without at least having to buy off my integrity. Once I am dead, who cares...
(2) The "right to be paid" for first-sale of literal copies of the original work, which should peter off at seven years or seven years worth of "good income" for the author.
Non-paid transfers of copies and non-paid non-commercial copying is simply not covered at all.
The rule here is thus: The author gets a cut, if there is a cut to be had, of any new issue of the work. The author retains the right to say "no you cannot use my work for that commercial purpose", the right of _all_ _parties_ to charge for each/any new commercial distribution expires at seven years from that distribution or once the author has been reasonably paid (e.g. no one production of a work entitles anyone to a lifetime of income, else-wise we should still be paying a monthly salary to every layer of any brick in any building ever built); Yes mister big movie production company, you can make a movie of my work, but it will go non-profit at a known point in time, so plan accordingly.
Basically if I am still alive at ninety and you want to make a movie of the book I wrote at thirty, I still deserve both the right to say "you may not debase my creation for cash" and/or "you must pay me." Once I am dead its kind of out of my control. (No my kids/estate don't "deserve" to profit from my corpse any more than the estate of the guys who built the Golden Gate deserve a cut of the toll; that way lies eternal madness.)
Also, I deserve the right to control Cannon for my characters and work, at least in the commercial sphere. (Nobody can stop slash-fic etc). My great opus may be a sequel that I have been working on for years, and as such it could be destroyed if the original gets Disney(d) into alternate cannon by a big production company with broad distribution.
Individual scale copying and copying non-commercially is just below the legal and moral noise floor. Too bad, so sad. Selling unauthorized copies is restricted for until that seven years or I've been paid threshold, but then the gates are opened.
No DRM period. Ever. DRM is the way technology is used to illegally restrict (forever) something that enjoys no legal restriction, in the name of "trying" to stop a corner-case that would be illegal but rarely happens and never matters.
This is how I think it _ought_ to be.
No I don't know how I would express this moral code as a legal statute.
CentOS's release schedule and priorities are centered around F5 Networks need to rev their Big IP product. It's not "seat of their pants" it's "do enough to keep our product happy, and then, well, whatever."
Or at least that's how it was when I worked at F5.
And Red Hat then, more recently, started making things hard for CentOS because they know the above is true. They stopped shpping "stock source plus patch files" and started shipping patched sources.
You know, the "study" (which I didn't read, this being slashdot 8-) probably involved exposing the languages in question a hugely diverse and wide ranging number of College Undergrads That Fancy Themselves Programmers. As such, the fact that the quality of the code was not distinguishable despite the language chosen indites the programmers more than the languages.
The problem with most studies is that College Freshmen already know everything so any attempt to test them is doomed to fail.
As soon as "9/11 happened" I wrote to my congress critter and asked them _NOT_ to consider or pass any legislation in response to the attack.
I got a letter back "assuring" me that congress was working as hard and as fast as possible to do _exactly_ what I begged them not to do.
Dear Rest Of The World:
Next time you decided to deport all your religious wackos, please do not send them all to one place. It weakens the gene pool. If you'd sent us some of those criminals you sent down under to dilute the wacjobbery things would have turned out better.
Signed, the descendants of your bad choices, the U.S.A.
This guy is trying to break into my bank account. I use the last four digits of Pi as my PIN. Once he finds them, my hundreds of dollars are sure to be his.
I got no (practical) options for my broadband here just 10 miles outside of Seattle WA.
What is this "competition" thing I keep hearing about? Where do I go to get _that_?
Maybe it's something they have in free countries, but I live in the U.S.A. where all the meaningful markets are closed, and most of the menaingless ones are soon tto follow under the boot-heels of NPEs.
Many people are not suited to run any kind of business for one reason or another. That doesn't mean than none of the members of a given category of people, except maybe autistics, are a-priori unable to run a successful business.
There are _lots_ of MBAs and their ilk who are not suitable for running a business.
The point of the article isn't "all geek and software guys should run businesses", it is rather the more salient point that "business should be run by the people interested and knowledgeable of the business at hand, rather than people who only possess a prurient interest in the money such a business might have wrung from its functions".
Neither "Lawyers" nor "Businessmen" should _ever_ be allowed to run a business (except for maybe a law practice) nor make policy for any business or government.
By analogy "min-max gamers" make terrible authors because they don't know how to balance characters, and Michael Bay is a terrible director because he doesn't know the difference between a special effect and a plot advancing event.
Money is supposed to be a tool of business, not be the point of one.
Real world example from a previous employer regarding a C++ project:
(element X) All class member variables shall be accessed vit standard format "getters" and "setters".
(element Y) All class member functions shall be defined within the separate compilation unit associated with the class.
These two elements were far apart from each other in the text. The combination of the two meant that most simple accesses of atomic data types (say integers) went from being an integer load (mov EAX,address) to a far call into a separate object file. When I complained I was told to STFU. When I ignored these two requirements and my code was the only code that ran in the time projected and allotted, everybody acted all surprised.
Most coding standards are good for keeping NPEs (non-practicing entities) straight out of school "in line", but they function on the "interchangeable morons" school of programmer management. Thing is, if your code is constrained to allow for the interchange of morons, then your code will be moronic.
goto(s) are bad, but "break" and "continue" are fine. Sure. Except that every now and again, a goto is _exactly_ what you need to make the logic clear, and sure you could skip the goto with purely local throw catch to get out of a nested loop, but that exception isn't all that exceptional any more.
I am all for "thou shalt not" if (test)
{
commands;//this is not indented more than the braces
}
when it is preventing something that unreadable, but that's more of a "call the idiot into your office and smack him upside the head" transaction IMHO. Meanwhile I bet someone is going to jump up and call that the epitome of good code layout.
Even Microsoft has abandoned that stupid thing where the type of the variable is prefixed to the name, which seemed like a good idea to have sValue for a short value, until someone decided that maybe it should be a long, but the docs had all been printed and everybody had already written most of the code, so you end up with just the declarations changed "long sValue;" because a global search and replace would have scooped up a bunch of "psValue" entries, and "short sValue" declarations in functions where it didn't change. We generally _ban_ "lptrszActualUsefulName" in favor of "ActualUsefulName" since it's the _compiler's_ job to deal with the type. Evidence shows that a programmer can deduce "FileName" is a string, and if he cannot, there is usually a declaration right there to tell him what it is if he cannot remember.
Coding standards are like military plans. The DO NOT SURVIVE first contact with the enemy, that being programmers trying to solve real world problems in non-retarded ways.
There are only two hard standards: Your code must be readable, your code must not suck.
But just like comparing Finnegan's Wake to Star Trek Slash Fic, the argument of what constitutes "Readable" is unbounded.
And the state is going to issue you your "smart device" and coincidentally reserve the right to regularly download everything on it to their servers?
And the state is going to supply homeless people with electricity and chargers for their devices because they also enforce "no existing in public without a state-issued ID" laws.
And the state is going to mandate DRM in all those smart devices so that nobody can display a "fake ID".
And its _all_ going to be universally in place in three years....
Their child prostitution is right out there leading their marketing pushes. Check out the "teen seen" music sources and Disney Channel fare. 13 year old girls in bustiers?
MAFIAA is _proud_ of their rampant selling of child sex and sexuality to the public. That it is more "child porn" than direct prostitution is the only possible argument.
Red Hat regularly puts out "minor releases" that contain stuff that shoudl be "major releases" because they are selling their product to corporations that don't know how to deal with change. What is the point of selling a 2.6.18 kernel with 98% of the 2.6.39 updates in it? Well, since they "didn't change their kernel release" they don't have to worry about getting the new release through the change board.
I work with military stuff and we have guys come in from the military and say "you have to stick with Red Hat version X because that's what this four year old product uses and we don't want to have to deal with a different version.
So this is a case where you were burned by letting the corporate mentality "down play" the truth of the technology.
The linux kernel people don't change things like/proc on a whim, they change things when they discover that something is insufficient. Backwards compatibility is not the final argument. And tell me, how long did it take to fix the change to your proc parser? Probably not very long at all, unless it was one of the things they let in only to discover that it was inappropriate or unworkable beyond the original implementation. In that case it is better to cut out the infection early.
Windows is still hauling around Windows-95 era DLL mistakes. That isn't really doing any of us much of a service. This never rewrite bad code or invalidate any old interface approach was easier, and marketable, but it has held back far more technology than it has fostered.
you don't demand that your 1995 model year carburetor work on your 2010 year car, you don't even demand that the 2009 fan belts fit either. But god forbid you test the latest update before you roll it out and be prepared for it to take some tweaking.
And yes, this variance can be dealt with on a business-wide basis without breaking the bank. Especially if the parts start with the industry standards (e.g. Firefox) instead of random perturbations of said standards (IE).
I didn't say "fix it yourself", so you are "full of the normal reading-in of statements that you can then attack" straw man stuff.
Two points:
There is _never_ a case where "you can't ever fix it at all" is better than "you can fix it if you must". Having an open branch of action is always better than being stuck.
My actual, intended point, was perhaps stated poorly. In many of the commercial software packages I have had the experience of using or making "en mass", there was a pervasive belief that since there was a (paid) tech support channel, it was okay if the release thing was "a little sour" or "just plain crap" as there would be a second tier, and other people, and "more money later" to deal with the crappy bits. HOWEVER, in Open Source, if you put out crap you are going to get a crap load of annoying feedback and abuse from people unwilling to fix it themselves, or even put together a marginally useful bug report. There is no job as thankless as dealing with the fallout of giving something away for free. Because of this "no paid support", the Open Source developer tends to put out _better_ code in the first place so as not to have to deal with the bug-report aftermath.
Additionally, since there is no "check in your build before you go home Friday or else" pressure, on the average code isn't check into the public sphere until the programmer is either "done with it" or until it's "as good as [they] can make it right now".
In short, the people coding for their own benefit don't want the bugs as they offer no benefit; and they _really_ don't want to give the bugs out as that is a detriment, so they don't do "paycheck" work, the do "I actually care" value work.
On the average "for profit" software is usually of lower quality than "because I wanted to", or when it _is_ inferior, there is usually clearly delineated "this part sucks because [some reason] so you will likely need to [some action]" disclosure. No for-profit company is smart enough to ever tell the customer "this part sucks".
In short, open source is usually "better" and "more stable" because nothing is hidden and nobody who is producing it want's to deal with the whiners. This doesn't mean there is no whining.
Finally: anybody who doesn't get the part where "fix is yourself" is an actual option and, absent some remuneration, the "you should fix it for me" bleat is inappropriate, just really should go buy something that will never be fixed and decide to like it. 8-)
I gotta say, most people I work with use firefox regardless of business policy and it hasn't cost the company a dime to the best of my knowledge.
Now I know that "more or less zero" cost wouldn't scale up unchanged.
But as far as I know, there is no reason to believe that the cost (including security exposure to things like Active X and unpatched flaws) of sticking to old IE builds, is known to be cheaper than the cost of checking the latest release of FireFox against a company's list of must-have web applications.
There is no requirement to update Firefox with every EOL, and in general it isn't that fragile.
Meanwhile the "Windows Habits" have got major companies I am not allowed to name running FireFox 2-or-so to this day because they don't want to deal with the life cycle on their non-windows (Feodora etc) boxes.
Business were made sorely afraid by being repeatedly burned by Windows updates. It is oddly rare to be so pervasively burned by non-windows platforms. Before MS and after, most updates are reasonable, just no so much for MS. In my experience anyway, yours may vary.
It's "corporate IT departments" that are irregular. They are used to things breaking with updates so they are afraid of updating anything. So sure, just ignore the ludite businesses and "pander to" the "regular users" so that the business, who _alwyas_ must be forced to act anyway, will be forced to evolve.
Trying to make "business users" some kind of non-regular users is trying to invent a false dichotomy.
I think Mozilla et. al. would be _correct_ to utterly ignore any "business specific" evolution as that would be counter productive. Making software "for businesses" is like making software for _any_ niche, in the long run it is a disservice.
Funny thing is, while my company provides IE etc, I and many like me, put Firefox on because it suits our business better anyway. For instance, when I use my company's horrid Junipur Networks VPN thingy, IE8 is horrific and I have to log in and out several times before I can get all the way in (network connect) but if I run Firefox and log in, it grinds for a bit but I get all the way in, usually in one or two tries. (I've watched the [sun] java console and know that the symptom is tied to some odd interface class that links java events to java-script/emca-script events in the browser, but I haven't dug deeper).
The fact of the matter is, the better the browser meets the HTML standards, the better it is for business. Period. The IE-centric web cannot survive the age of the iPhone/Android boom. They will conform or they will continue to fall by the margin. Heck, Windows version-next is all HTML5 by their own announcements.
Now the fact that Linux evolves faster, and so does Firefox, is only "a problem" for companies that are used to having to vet every slow-moving version of Windows. The habit of expecting breakage and avoiding patches is well established for Windows, because it was hugely necessary for Windows. On the average that breakage is far less common in the Open Source stuff as nobody is getting paid for bug support and anything broken can be fixed directly.
In short, we are in the pre-collapse age of secret-source, and the companies are going to lag behind there.
It is "correct" IMHO to aim FireFox at "regular users", since businesses _are_ "regular users". That is the only way to drag "corporate overlords" into the modern era. That has always been the case.
The summary is unclear about a number of things, and the article is not so clear either.
Say one company takes a stock linux distribution (or makes a tiny distro of GPL/Linux parts) and then adds a special binary that does things like phone-home calculate a IPSec key, and then wake up a VPN using that key. This company is on the hook to distribute all the GPL/Linux bits as source but _not_ the key generating program that is "merely" on the same media. The program could also be, perhaps, a web interface for the device running as scripts or binaries or whatever. As long as the program's in question do no link with (in the software linking loader sense) the GPL bits there is no "taint of GPL" to the added code. (This was the old "the GPL is infectious like a virus argument, which people finally understood as "no its not" 8-).
Lets say some other company then makes a mod-kit for the device above and either (a) distributes the kit and/or (b) buys up the devices, applies the kit, and re-sells it.
The second company has no rights to the binary of the first company, but since the first company sold the device in question to either an end user (in case a) or to the second company (in case b), the second company is clear of copyright issues. e.g. they are not making copies of the binary. The first company is not, however, in a position to dispute the second company's action since it isn't making copies of their software, so the second company has no basis to block the second companies actions.
If the first company's software is linked with the GPL bits (e.g. actually in the kernel, or a modification of the IPSec programs in our example) (and not LGPL bits, but full GPL bits) then the first company has three choices: (1) distribute the source with the binary in a common and accessible format (e.g. CDROM, thumb drive, etc) of (2) agree to make the code available to the recipients of the binary for a minimum period of time, put that in writing, and maybe charge a copying fee or not. If they don't do one of those two things then they are NOT ALLOWED to distribute the resulting program. In both cases the recipient of the source is not under any obligation _NOT_ _TO_ just give the source to everybody at _their_ discretion and expense. That is, company one can safely limit its exposure to follow-on distribution costs by only having to distribute the code to the people who got the binary from them, but they can NOT require that the code they give out is not to be copied on by the recipient.
In the case above the first company is trying to stop the second company from doing things. First they said "that is one whole system and it's our 'property' so you cannot mess with it." and the second company said "if its all one system then that system is GPLd and we can quite explicitly do any thing we like with it _OR_ you had no right to sell or even give it away in the first place and you are in deep trouble."
So then the first company said "wait a sec, we mis-spoke. There is all the GPL bits and then there is our program. Our program is ours so you cannot mess with the device." and the second company went on to say "We can mess with the device and all the GPL bits all we want because you sold the device and the GPL bits are GPL. You bits are irrelevant to what we are doing so leave us alone."
So _now_ the company is trying the "well yea, we did sell the device, and you can mess with GPL bits all you like, but when we put our bits in with the GPL bits we were making an artistic statement a whole and when you mess with the GPL bits you are wrecking our artistic vision."
The third argument is tricky in that its as if the first company went out and got three peices of music under the GPL and added a fourth that they want to license under different terms. A guy comes in and messes with one or more of the first three, by perhaps substituting in a "dance re-mix" of the the third song. Now the first company says "the second company is messing up our presentation of these for songs as a whole by tweaking
That would be _FOUR_ liquids passing through the nozzle, not just one. Anode Charged and Cathode Charged going in, Anode Discharged and Cathode Discharged coming out. Mixing of the two charged liquids is the part I think would be hugely dangerous. Small amounts would invariably leak out in traces, and it only takes a some kid going "what's that daddy" for someone to touch the residue of both ports and shock or burn themselves.
And one way or another, when you fill that canteen you either leave/trap a little air or waste some water due to overspill. In fact I bet you often do both.
And the word I meant to put in the subject was "Apocryphal"...
Slashdot Mirror
Since there are no DNS servers in Belarus, apparently they are not allowed to use URL with non-numeric host parts.
I really wish I had a magic wand so I could selectively grant people what they ask for in _full_measure.
The only real requirement of rational law is that of _informed_ consent.
If all parties involved are capable of informed consent, and give informed consent without duress or coercion, then the act should be legal.
Children cannot give informed consent, so child porn, and peadophilia are out. Dead things is tricky since the dead are _things_ and things are not expected to give consent. Prostitution and adultery are no-brainer legal. Beastiality is tricky since the beast cannot give informed consent but some people think animals are things, but since animals can suffer, accumulate experience, and "hold a grudge" then we must assume they deserve to be protected by consent.
Now the thing where we have made haivng "simulated child porn", involving no actual children, illegal is beyond stupid IMHO.
Incest (non-reproductive anyway) is only problematic in that family dynamics often constitute lifelong duress because the obligations and conditioning never go away.
Necrophilia is actually a property crime, oddly enough, though the law outlaws it outright because it is "ichy", which is a whole other kettle of law.
But these problems are, indeed, problems in our looming future. If we gene-tweak animals until they are intellegent enoug to give consent is it beastiality any more? How about if we make machines sentient, then are they still "things" that don't need to give consent? We have varying standards for the age of majority for different things in different places; consider voting, vs sex, vs drinking.
When it comes to morals and ethos, the fundimental problem is that outside a firmly agreed upon center, the only people who _should_ be alowed to do most things are the people who wouldn't actually do them.
Thing is, the people who want to stop other people from doing most things are typically the last people who should be allowed to judge.
I know for a fact that "the government" was not even listening to the country when it invented the UAS PATRIOT ACT.
I wrote my congresspeople and explicitly and simply asked them _NOT_ to pass ANY laws or regulations in response to 9/11.
I got back a form letter that said that "in response to my concerns" and the concerns of "likeminded americans" congress was working as fast as it could to assemble and pass legislation to (whatever and so-on).
In short, I got the form letter treatment "assuring me" that they were busy doing _exactly_ what I begged them not to do.
So when politicians invoke the public will as revealed by their correspondence, I tend to disbelieve. They don't read the mail, they sort it by category and subject matter, then _weigh_ it apparently. Then they decide that everybody is demanding whatever the letter on top says, ignoring any letter on top that doesn't match the political bias that the politician has already decided makes him look most re-electable.
It's all crap and it is out of control. Everybody is talking. Nobody is listening. and the game is, bought anyway.
[A:] Never accept form data via GET, always require POST.
I never understand why any web page, other than something like google search, will or wants to accept data that is part of the URL for any meaningful interraction.
Sure it's bookmark friendly but:
(1) GET contents are logged by default, and PIN-trap elligible in post-facto and blind ("fishing") legal actions, POST contents are not.
(2) GET is the verb used in things like IMG SRC="" requests, if all GET requests are incapable of incidental write operations then that whole category of cross-site-scripting attack is rendered moot.
(3) Because of item 1, the contents of your web server log(s) is, by default, promoted from a stream of tidbits to a first-tier security risk in need of secure archiving. [If you have followed good practices and separated your database machine and your web server onto separate platforms, for instance, then a compromize of your web server of the classic sort will net very little at all if all your logs say is "IP X.X.X.X GET http://site.tld/someform" and "IP X.X.X,X POST http://site.tld/somerequest". If action and identification information are passed around in your GET(s) then an attacker can learn that IP address A.B.C.D is the home of USER=Bob and so forth.]
Basically if people had _honored_ the designation of everything after the question mark ('?") as a _query_ _string_ in the HTTP specification, but not carried the SQL-burdened definition of "query" into the issue, a lot of web-pain could have been avoided.
Yea it might not be as bookmark friendly, but when is it ever smart to bookmark the POST of a filled-in form?
[B:] learn what a _real_ DMZ is (e.g. two routers with the public machines between them and the internet behind one end and the intranet behind the other, with very intense restrictions on what traffic can pass from the DMZ into and through the internet end and _both_ routers configured to _distrust_ _all_ connection attempts originating from the DMZ machines). Then implement this arrangement correctly. There are a bunch of rules for doing this right, and if you follow them your web service machine will be "stuck" in a deep warm hole of safety, in that what it can do will be greatly limited, which is at least as important as making sure that what can be done to it is limited. Most exploits require more than one path to the machine, for instance tricking the web server into "calling you back" with a telnet session or an FTP or SCP of bulk data. If the web server can only pass traffic from the one port (port 80 etc) off of the DMZ then even a successful compromize of the machine may be stopped from having any net effect.
[C:] Every machine in the DMZ is allowed to do exactly one thing. e.g. don't build a LAMP machine, build a LAP and a separate LM machine and place them very close together. This sort of separation can even be done with virtual machines. Just so long as the machines cannot peek at one another's storage etc.
This is not mainstream wisdom, but it is out there if you look for it. (e.g. I didn't make all this stuff up myself. 8-)
There are lots of things that are easy, but not always cheap, to do that could make the world much safer.
They just aren't in the five-days-to-your-web-presence quick-start guides to web servers.
See "take" is the word you don't understand.
If you still _have_ "it" whatever "it" may be, then it hasn't been "taken" from you.
I am serious, please go read up at http://dictionary.die.net/take and contemplate.
Now go read http://dictionary.die.net/copy and contemplate.
Copying is not taking, it's copying.
In the absence of "take" there is no "theft".
I know, ideas this simple can be hard to fathom.
So yes, if I _took_ those bits and bytes from you I would have engaged in theft. But you still have them, so I didn't take them. I copied them. This is a different thing. If words have any meaning in law (that hyperbole of course, the the specific meaning of words is the entire exercise of law) then copying cannot be theft.
See how take and copy are different?
So now, if your position is honest, we are in complete agreement. If I took from you it would be theft, but I copied from you so it was not.
As to your "identity theft" argument, in that case, the act of copying your vital details is not the crime, you give those away all the time. The acto of "stealing your identity" is the crime. In that case I would be taking "your good name" by using it to its detriment and leaving it damaged. i.e. by using your credit up, by selling off your hard-earned reputation to by 74 big-screen televisions and leaving you on the hook, I actually took something from you. You were factually deprived, and likely you will have to expend time to straighten things out and people will want to attach your money to regain their own because they think I was you.
If I "stole your identity" and did great works with it, enriching the poor and feeding the hungry, you probably woudn't consider it "identity theft" unless it maid your syndicate bosses suspect you weren't the criminial they needed.
See, in terms of trading on someone else's name, the definition of "to use up" is widely variable because the the inherent "loss" or "deprivation" is very subjective.
But "lost money" is very objective, so for my copying to in any way "deprive" you of your money, you needs _must_ be able to demonstrate that my act "used up" and therefor "deprived" you of money to claim monitary loss from theft. In the cases where some guy was selling bootlegs on the street, his gain is measurable loss maybe.
No such loss is in evidence when some 13 year old is watching a grainy hand-held-camera-in-a-theater version of random aneme flick over eDonkey.
(1) Consult a lawyer, you shouldn't take legal advice from slashdot that goes past "you shouldn't take legal advice from slashdot".
(2) Admit that you wrote this because of your job and that "now you should pay me extra for it" is a combination of pipe-dream and sour-grapes exacerbated by pride of creation. The project either came out better than you expected, or was chosen because you felt a real need for it and you _knew_ that it was never going to happen or be approved as "real work". This means that this was some sort of clever ploy on your part, deliberate or not, to drive the thin wedge of a chisel into your employer.
(3) If your program is that good, and it really is worth the extra green folding applause, open-source it on Source-forge or something. This way you can reap the glory of your code to get a programming job commensurate to your skills from another company instead of trying to wedge one into existence at your current employer.
(4) Never admit to future employers that you have any system administration skills. No matter what job you go to, they will invariably end up wanting you to administer some system beyond whatever you are hired to do. It's like having herpes, putting your self through college by stripping, or having "an earthy past"; you can never un-have it and your life is easiest if you can hide it from anybody not directly impacted by the shame of it all. It took me several years to wash the taint of "systems administrator" out of my resume and longer still to scrub the "never mind, I'll fix it" habits away. Programming job? fine, but do you mind if we call you any time day-or-night if we can't print and its "Really Important"?
The entire question and genesis of your "hobby" implementation smacks of passive aggressive maneuvering.
Then again, I have made several "hobby" implementations of things and then open-sourced them through my company's back door. [http://underdog.sourceforge.net being the latest of such, though it is stalled for at least another month.] Since I am not "a programmer" at my current job, and there are various impediments to the lateral movement of software in my company if "any project" paid for the development, spending some of my personal time to make my professional life better is time wisely spent.
See there is this thing, shat upon of late in our culture, called "enlightened self interest". That is where you do things that seem, short-term, to not be in your absolute best interest because the total gain is worth it.
If your project really was a hobby action, then you _already_ got the expected return. You have already paid yourself what it cost. Any further payment, be it cash from your company or recognition from them or others, should be pure profit.
The structure of your question, however, belies that tautology. You expect (future tense) to be rewarded with value for the effort expended. This expectation belies any claim of you having done the project for its own sake as a hobby. So to me, and probably to your boss, your question reads "I did all this work, related to my job but un-asked-for, and now I want some payback.
I dearly hope you get your boss to pay you for your work. You will deserve the horrible fruit that will actually bear. Trust me, it will be horrible fruit. If your boss decides to buy the software from you under separate terms, you will find yourself on the hook for free, as in utterly unpaid, support at all hours day-and-night. It won't come under the terms of your base employment, it won't count as overtime etc, and if you try to say "no" well, your boss controls your "actual job" too, so you have nowhere to walk and nobody to blame but yourself. Yes, I have seen this happen to others, and yes it has happened to me.
The two winning moves are:
(A) just drop it on the bosses desk and say "I did this out of pure frustration, do you want us to use it?".
(B) put it on source forge _then_ go back and drop it on your bosses desk and say "I did this out of pure frustration, do you
... encryption.
Imagine a BitTorrent DHT based DNS system. Anybody can add any record they want. There is a convenience layer where human readable DNS names work, but its insecure because anybody can add any record they want.
Real Business(TM) happens when PGP fingerprints or full public keys are used to retrieve the associated records. Each of those records would, of course, be signed with the key in question. Banks and Real Businesses(TM) would have QR code business cards and whatnot with the fingerprints, and people would be likely use bookmarks and home pages they way they were supposed to.
Finally, the smart money would be to actually use the key to encrypt the data/requests flowing towards the host, and have the first (or every) request contain the key the user wants to have used for the encrypted response(s).
Block or deep-packet-inspect that...
It is completely workable, the technology exists, it is "more secure" but, sadly, "more phisable" at the plain-text DNS names level.
Of course, DNS should have never been used as a warrant of identity anyway, it was designed as a phone book and phone numbers change hands, so the first-tier weakness is far exceeded by the value of the rest of the system.
I'd agree that copyright should exist, but in two halves instead of one. This is probably not practical but it would be the right thing...
(1) The right to control the commercial exploitation of the work should vest with the _author_ for life. In particular the right to charge for the work, the right to produce sequels, and generally the right to keep a commercial entity from reaping all the "follow on" rewards for free. The main reason I would want this is because I would like to be able to block, say Disney, from coming in and turning my gritty life lesson into pablum (see "The Little Mermaid" etc) without at least having to buy off my integrity. Once I am dead, who cares...
(2) The "right to be paid" for first-sale of literal copies of the original work, which should peter off at seven years or seven years worth of "good income" for the author.
Non-paid transfers of copies and non-paid non-commercial copying is simply not covered at all.
The rule here is thus: The author gets a cut, if there is a cut to be had, of any new issue of the work. The author retains the right to say "no you cannot use my work for that commercial purpose", the right of _all_ _parties_ to charge for each/any new commercial distribution expires at seven years from that distribution or once the author has been reasonably paid (e.g. no one production of a work entitles anyone to a lifetime of income, else-wise we should still be paying a monthly salary to every layer of any brick in any building ever built); Yes mister big movie production company, you can make a movie of my work, but it will go non-profit at a known point in time, so plan accordingly.
Basically if I am still alive at ninety and you want to make a movie of the book I wrote at thirty, I still deserve both the right to say "you may not debase my creation for cash" and/or "you must pay me." Once I am dead its kind of out of my control. (No my kids/estate don't "deserve" to profit from my corpse any more than the estate of the guys who built the Golden Gate deserve a cut of the toll; that way lies eternal madness.)
Also, I deserve the right to control Cannon for my characters and work, at least in the commercial sphere. (Nobody can stop slash-fic etc). My great opus may be a sequel that I have been working on for years, and as such it could be destroyed if the original gets Disney(d) into alternate cannon by a big production company with broad distribution.
Individual scale copying and copying non-commercially is just below the legal and moral noise floor. Too bad, so sad. Selling unauthorized copies is restricted for until that seven years or I've been paid threshold, but then the gates are opened.
No DRM period. Ever. DRM is the way technology is used to illegally restrict (forever) something that enjoys no legal restriction, in the name of "trying" to stop a corner-case that would be illegal but rarely happens and never matters.
This is how I think it _ought_ to be.
No I don't know how I would express this moral code as a legal statute.
CentOS's release schedule and priorities are centered around F5 Networks need to rev their Big IP product. It's not "seat of their pants" it's "do enough to keep our product happy, and then, well, whatever."
Or at least that's how it was when I worked at F5.
And Red Hat then, more recently, started making things hard for CentOS because they know the above is true. They stopped shpping "stock source plus patch files" and started shipping patched sources.
You know, the "study" (which I didn't read, this being slashdot 8-) probably involved exposing the languages in question a hugely diverse and wide ranging number of College Undergrads That Fancy Themselves Programmers. As such, the fact that the quality of the code was not distinguishable despite the language chosen indites the programmers more than the languages.
The problem with most studies is that College Freshmen already know everything so any attempt to test them is doomed to fail.
As soon as "9/11 happened" I wrote to my congress critter and asked them _NOT_ to consider or pass any legislation in response to the attack.
I got a letter back "assuring" me that congress was working as hard and as fast as possible to do _exactly_ what I begged them not to do.
Dear Rest Of The World:
Next time you decided to deport all your religious wackos, please do not send them all to one place. It weakens the gene pool. If you'd sent us some of those criminals you sent down under to dilute the wacjobbery things would have turned out better.
Signed, the descendants of your bad choices, the U.S.A.
This guy is trying to break into my bank account. I use the last four digits of Pi as my PIN. Once he finds them, my hundreds of dollars are sure to be his.
I got no (practical) options for my broadband here just 10 miles outside of Seattle WA.
What is this "competition" thing I keep hearing about? Where do I go to get _that_?
Maybe it's something they have in free countries, but I live in the U.S.A. where all the meaningful markets are closed, and most of the menaingless ones are soon tto follow under the boot-heels of NPEs.
Many people are not suited to run any kind of business for one reason or another. That doesn't mean than none of the members of a given category of people, except maybe autistics, are a-priori unable to run a successful business.
There are _lots_ of MBAs and their ilk who are not suitable for running a business.
The point of the article isn't "all geek and software guys should run businesses", it is rather the more salient point that "business should be run by the people interested and knowledgeable of the business at hand, rather than people who only possess a prurient interest in the money such a business might have wrung from its functions".
Neither "Lawyers" nor "Businessmen" should _ever_ be allowed to run a business (except for maybe a law practice) nor make policy for any business or government.
By analogy "min-max gamers" make terrible authors because they don't know how to balance characters, and Michael Bay is a terrible director because he doesn't know the difference between a special effect and a plot advancing event.
Money is supposed to be a tool of business, not be the point of one.
Real world example from a previous employer regarding a C++ project:
(element X) All class member variables shall be accessed vit standard format "getters" and "setters".
(element Y) All class member functions shall be defined within the separate compilation unit associated with the class.
These two elements were far apart from each other in the text. The combination of the two meant that most simple accesses of atomic data types (say integers) went from being an integer load (mov EAX,address) to a far call into a separate object file. When I complained I was told to STFU. When I ignored these two requirements and my code was the only code that ran in the time projected and allotted, everybody acted all surprised.
Most coding standards are good for keeping NPEs (non-practicing entities) straight out of school "in line", but they function on the "interchangeable morons" school of programmer management. Thing is, if your code is constrained to allow for the interchange of morons, then your code will be moronic.
goto(s) are bad, but "break" and "continue" are fine. Sure. Except that every now and again, a goto is _exactly_ what you need to make the logic clear, and sure you could skip the goto with purely local throw catch to get out of a nested loop, but that exception isn't all that exceptional any more.
I am all for "thou shalt not"
//this is not indented more than the braces
if (test)
{
commands;
}
when it is preventing something that unreadable, but that's more of a "call the idiot into your office and smack him upside the head" transaction IMHO. Meanwhile I bet someone is going to jump up and call that the epitome of good code layout.
Even Microsoft has abandoned that stupid thing where the type of the variable is prefixed to the name, which seemed like a good idea to have sValue for a short value, until someone decided that maybe it should be a long, but the docs had all been printed and everybody had already written most of the code, so you end up with just the declarations changed "long sValue;" because a global search and replace would have scooped up a bunch of "psValue" entries, and "short sValue" declarations in functions where it didn't change. We generally _ban_ "lptrszActualUsefulName" in favor of "ActualUsefulName" since it's the _compiler's_ job to deal with the type. Evidence shows that a programmer can deduce "FileName" is a string, and if he cannot, there is usually a declaration right there to tell him what it is if he cannot remember.
Coding standards are like military plans. The DO NOT SURVIVE first contact with the enemy, that being programmers trying to solve real world problems in non-retarded ways.
There are only two hard standards: Your code must be readable, your code must not suck.
But just like comparing Finnegan's Wake to Star Trek Slash Fic, the argument of what constitutes "Readable" is unbounded.
for driving without a charged battery?
And the state is going to issue you your "smart device" and coincidentally reserve the right to regularly download everything on it to their servers?
And the state is going to supply homeless people with electricity and chargers for their devices because they also enforce "no existing in public without a state-issued ID" laws.
And the state is going to mandate DRM in all those smart devices so that nobody can display a "fake ID".
And its _all_ going to be universally in place in three years....
right....
Their child prostitution is right out there leading their marketing pushes. Check out the "teen seen" music sources and Disney Channel fare. 13 year old girls in bustiers?
MAFIAA is _proud_ of their rampant selling of child sex and sexuality to the public. That it is more "child porn" than direct prostitution is the only possible argument.
Red Hat regularly puts out "minor releases" that contain stuff that shoudl be "major releases" because they are selling their product to corporations that don't know how to deal with change. What is the point of selling a 2.6.18 kernel with 98% of the 2.6.39 updates in it? Well, since they "didn't change their kernel release" they don't have to worry about getting the new release through the change board.
I work with military stuff and we have guys come in from the military and say "you have to stick with Red Hat version X because that's what this four year old product uses and we don't want to have to deal with a different version.
So this is a case where you were burned by letting the corporate mentality "down play" the truth of the technology.
The linux kernel people don't change things like /proc on a whim, they change things when they discover that something is insufficient. Backwards compatibility is not the final argument. And tell me, how long did it take to fix the change to your proc parser? Probably not very long at all, unless it was one of the things they let in only to discover that it was inappropriate or unworkable beyond the original implementation. In that case it is better to cut out the infection early.
Windows is still hauling around Windows-95 era DLL mistakes. That isn't really doing any of us much of a service. This never rewrite bad code or invalidate any old interface approach was easier, and marketable, but it has held back far more technology than it has fostered.
you don't demand that your 1995 model year carburetor work on your 2010 year car, you don't even demand that the 2009 fan belts fit either. But god forbid you test the latest update before you roll it out and be prepared for it to take some tweaking.
And yes, this variance can be dealt with on a business-wide basis without breaking the bank. Especially if the parts start with the industry standards (e.g. Firefox) instead of random perturbations of said standards (IE).
I didn't say "fix it yourself", so you are "full of the normal reading-in of statements that you can then attack" straw man stuff.
Two points:
There is _never_ a case where "you can't ever fix it at all" is better than "you can fix it if you must". Having an open branch of action is always better than being stuck.
My actual, intended point, was perhaps stated poorly. In many of the commercial software packages I have had the experience of using or making "en mass", there was a pervasive belief that since there was a (paid) tech support channel, it was okay if the release thing was "a little sour" or "just plain crap" as there would be a second tier, and other people, and "more money later" to deal with the crappy bits. HOWEVER, in Open Source, if you put out crap you are going to get a crap load of annoying feedback and abuse from people unwilling to fix it themselves, or even put together a marginally useful bug report. There is no job as thankless as dealing with the fallout of giving something away for free. Because of this "no paid support", the Open Source developer tends to put out _better_ code in the first place so as not to have to deal with the bug-report aftermath.
Additionally, since there is no "check in your build before you go home Friday or else" pressure, on the average code isn't check into the public sphere until the programmer is either "done with it" or until it's "as good as [they] can make it right now".
In short, the people coding for their own benefit don't want the bugs as they offer no benefit; and they _really_ don't want to give the bugs out as that is a detriment, so they don't do "paycheck" work, the do "I actually care" value work.
On the average "for profit" software is usually of lower quality than "because I wanted to", or when it _is_ inferior, there is usually clearly delineated "this part sucks because [some reason] so you will likely need to [some action]" disclosure. No for-profit company is smart enough to ever tell the customer "this part sucks".
In short, open source is usually "better" and "more stable" because nothing is hidden and nobody who is producing it want's to deal with the whiners. This doesn't mean there is no whining.
Finally: anybody who doesn't get the part where "fix is yourself" is an actual option and, absent some remuneration, the "you should fix it for me" bleat is inappropriate, just really should go buy something that will never be fixed and decide to like it. 8-)
I gotta say, most people I work with use firefox regardless of business policy and it hasn't cost the company a dime to the best of my knowledge.
Now I know that "more or less zero" cost wouldn't scale up unchanged.
But as far as I know, there is no reason to believe that the cost (including security exposure to things like Active X and unpatched flaws) of sticking to old IE builds, is known to be cheaper than the cost of checking the latest release of FireFox against a company's list of must-have web applications.
There is no requirement to update Firefox with every EOL, and in general it isn't that fragile.
Meanwhile the "Windows Habits" have got major companies I am not allowed to name running FireFox 2-or-so to this day because they don't want to deal with the life cycle on their non-windows (Feodora etc) boxes.
Business were made sorely afraid by being repeatedly burned by Windows updates. It is oddly rare to be so pervasively burned by non-windows platforms. Before MS and after, most updates are reasonable, just no so much for MS. In my experience anyway, yours may vary.
Business _are_ regular users.
It's "corporate IT departments" that are irregular. They are used to things breaking with updates so they are afraid of updating anything. So sure, just ignore the ludite businesses and "pander to" the "regular users" so that the business, who _alwyas_ must be forced to act anyway, will be forced to evolve.
Trying to make "business users" some kind of non-regular users is trying to invent a false dichotomy.
I think Mozilla et. al. would be _correct_ to utterly ignore any "business specific" evolution as that would be counter productive. Making software "for businesses" is like making software for _any_ niche, in the long run it is a disservice.
Funny thing is, while my company provides IE etc, I and many like me, put Firefox on because it suits our business better anyway. For instance, when I use my company's horrid Junipur Networks VPN thingy, IE8 is horrific and I have to log in and out several times before I can get all the way in (network connect) but if I run Firefox and log in, it grinds for a bit but I get all the way in, usually in one or two tries. (I've watched the [sun] java console and know that the symptom is tied to some odd interface class that links java events to java-script/emca-script events in the browser, but I haven't dug deeper).
The fact of the matter is, the better the browser meets the HTML standards, the better it is for business. Period. The IE-centric web cannot survive the age of the iPhone/Android boom. They will conform or they will continue to fall by the margin. Heck, Windows version-next is all HTML5 by their own announcements.
Now the fact that Linux evolves faster, and so does Firefox, is only "a problem" for companies that are used to having to vet every slow-moving version of Windows. The habit of expecting breakage and avoiding patches is well established for Windows, because it was hugely necessary for Windows. On the average that breakage is far less common in the Open Source stuff as nobody is getting paid for bug support and anything broken can be fixed directly.
In short, we are in the pre-collapse age of secret-source, and the companies are going to lag behind there.
It is "correct" IMHO to aim FireFox at "regular users", since businesses _are_ "regular users". That is the only way to drag "corporate overlords" into the modern era. That has always been the case.
The summary is unclear about a number of things, and the article is not so clear either.
Say one company takes a stock linux distribution (or makes a tiny distro of GPL/Linux parts) and then adds a special binary that does things like phone-home calculate a IPSec key, and then wake up a VPN using that key. This company is on the hook to distribute all the GPL/Linux bits as source but _not_ the key generating program that is "merely" on the same media. The program could also be, perhaps, a web interface for the device running as scripts or binaries or whatever. As long as the program's in question do no link with (in the software linking loader sense) the GPL bits there is no "taint of GPL" to the added code. (This was the old "the GPL is infectious like a virus argument, which people finally understood as "no its not" 8-).
Lets say some other company then makes a mod-kit for the device above and either (a) distributes the kit and/or (b) buys up the devices, applies the kit, and re-sells it.
The second company has no rights to the binary of the first company, but since the first company sold the device in question to either an end user (in case a) or to the second company (in case b), the second company is clear of copyright issues. e.g. they are not making copies of the binary. The first company is not, however, in a position to dispute the second company's action since it isn't making copies of their software, so the second company has no basis to block the second companies actions.
If the first company's software is linked with the GPL bits (e.g. actually in the kernel, or a modification of the IPSec programs in our example) (and not LGPL bits, but full GPL bits) then the first company has three choices: (1) distribute the source with the binary in a common and accessible format (e.g. CDROM, thumb drive, etc) of (2) agree to make the code available to the recipients of the binary for a minimum period of time, put that in writing, and maybe charge a copying fee or not. If they don't do one of those two things then they are NOT ALLOWED to distribute the resulting program. In both cases the recipient of the source is not under any obligation _NOT_ _TO_ just give the source to everybody at _their_ discretion and expense. That is, company one can safely limit its exposure to follow-on distribution costs by only having to distribute the code to the people who got the binary from them, but they can NOT require that the code they give out is not to be copied on by the recipient.
In the case above the first company is trying to stop the second company from doing things. First they said "that is one whole system and it's our 'property' so you cannot mess with it." and the second company said "if its all one system then that system is GPLd and we can quite explicitly do any thing we like with it _OR_ you had no right to sell or even give it away in the first place and you are in deep trouble."
So then the first company said "wait a sec, we mis-spoke. There is all the GPL bits and then there is our program. Our program is ours so you cannot mess with the device." and the second company went on to say "We can mess with the device and all the GPL bits all we want because you sold the device and the GPL bits are GPL. You bits are irrelevant to what we are doing so leave us alone."
So _now_ the company is trying the "well yea, we did sell the device, and you can mess with GPL bits all you like, but when we put our bits in with the GPL bits we were making an artistic statement a whole and when you mess with the GPL bits you are wrecking our artistic vision."
The third argument is tricky in that its as if the first company went out and got three peices of music under the GPL and added a fourth that they want to license under different terms. A guy comes in and messes with one or more of the first three, by perhaps substituting in a "dance re-mix" of the the third song. Now the first company says "the second company is messing up our presentation of these for songs as a whole by tweaking
That would be _FOUR_ liquids passing through the nozzle, not just one. Anode Charged and Cathode Charged going in, Anode Discharged and Cathode Discharged coming out. Mixing of the two charged liquids is the part I think would be hugely dangerous. Small amounts would invariably leak out in traces, and it only takes a some kid going "what's that daddy" for someone to touch the residue of both ports and shock or burn themselves.
Closed systems would be much safer.
And one way or another, when you fill that canteen you either leave/trap a little air or waste some water due to overspill. In fact I bet you often do both.
And the word I meant to put in the subject was "Apocryphal"...
Not to be pedantic. Twice. 8-)